Distributed key secret for rewritable blockchain
Abstract
A system includes circuitry for rewriting blockchains in a non-tamper-evident or tamper-evident operation using a key secret held in portions by multiple individually untrusted parties. The blockchains may include a series of blocks secured by integrity codes that may prevent non-tamper-evident rewrites by non-trusted parties that are not in possession of the key secret or individually-untrusted parties in possession of only a portion of the key secret. In some cases, multiple individually-untrusted parties may combine their portions into the key secret. As a group, the multiple individually-untrusted parties may perform non-tamper-evident operation with respect to at least one integrity code within the blockchain.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1. A method including:
at rewrite circuitry:
receiving a first portion of a key secret via a key secret exchange protocol;
combining the first portion with at least a second or a third portion of the key secret to obtain the key secret; and
using the key secret, performing at least a validity-preserving rewrite to a selected block of a data-tamper-protected blockchain, wherein the validity-preserving rewrite is implemented by substituting the selected block with a second block with different data content that produces the same or an equivalent integrity output.
2. The method of claim 1 , where:
the first portion is controlled by a first individually-untrusted party; and
the second portion is controlled by a second individually-untrusted party different from the first portion.
3. The method of claim 2 , further including combining the first portion with at least the third portion of the key secret to support a non-tamper-evident rewrite to the data-tamper-protected blockchain and the third portion is controlled by a third individually-untrusted party different from the first portion.
4. The method of claim 1 , where:
combination of the first and third portions without the second portion is sufficient to support a non-tamper-evident rewrite to the data-tamper-protected blockchain; and
combination of the second and third portions without the first portion is insufficient to support the non-tamper-evident rewrite to the data-tamper-protected blockchain.
5. The method of claim 1 , where combining the first portion with a second portion includes executing a key exchange operation that prevents disclosure of content of the first and second portions.
6. The method of claim 1 , further including:
combining at least the first and third portions to exceed a granting threshold and obtain a granting key secret; and
responsive to obtaining the granting key secret, assigning at least a key secret portion to an untrusted party.
7. A method including:
at rewrite circuitry:
obtaining a number of key secret portions;
combining the number of key secret portions,
the combining responsive to an event,
the event including the number of key secret portions exceeding a predetermined threshold,
the predetermined threshold including a threshold for validity-preserving rewrites; and
the combining executed to obtain a rewrite key secret; and
performing a validity-preserving rewrite to a selected block of a data-tamper-protected blockchain,
the performing responsive to obtaining the rewrite key secret, and
the performing including determining new content for the selected block using the rewrite key secret,
wherein the validity-preserving rewrite is implemented by substituting the selected block with a second block with different data content, including the new content, which produces the same or an equivalent integrity output.
8. The method of claim 7 , where:
a first portion of the number of key secret portions is controlled by a first individually-untrusted party; and
a second portion of the number of key secret portions is controlled by a second individually-untrusted party different from the first portion.
9. The method of claim 8 , further including combining the first portion with at least a third portion of the number of key secret portions to support a non-tamper-evident rewrite to the data-tamper-protected blockchain and the third portion is controlled by a third individually-untrusted party different from the first portion.
10. The method of claim 7 , where:
combination of a first and a third portions of the number of key secret portions without a second portion of the number of key secret portions is sufficient to support a non-tamper-evident rewrite to the data-tamper-protected blockchain; and
combination of the second and third portions without the first portion is insufficient to support the non-tamper-evident rewrite to the data-tamper-protected blockchain.
11. The method of claim 7 , where combining a first portion with a second portion of the number of key secret portions includes executing a key exchange operation that prevents disclosure of content of the first and second portions.
12. The method of claim 7 , further including:
combining at least a first portion and a third portion of the number of key secret portions without a second portion of the number of key secret portions to exceed a granting threshold and obtain a granting key secret; and
responsive to obtaining the granting key secret, assigning at least a key secret portion to an untrusted party.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.